Method and a system for communication between a terminal and at least one communication equipment

US 20050188219A1
Filed: 12/23/2004
Published: 08/25/2005
Est. Priority Date: 12/26/2003
Status: Abandoned Application

First Claim

Patent Images

1. A method of communicating data securely between a terminal and at least one communicating equipment, which method comprises the steps of:

setting up at least one connection via at least one connection network between said terminal and said communicating equipment, commanding at least one procedure for activation of said secure communication by at least one first security device installed in said terminal for assigning to management of the secure communication an identifier corresponding to said communicating equipment with which said communication has been set up, said identifier corresponding to said activation procedure, said first security device identifying said communicating equipment in order to recognize the nature of said communicating equipment and to render said communicating equipment compatible with said terminal with no adaptation of the configuration, authenticating said communicating equipment by acquiring data processed by at least one security server using at least one seal key and at least said identifier corresponding to said activation procedure in order to add a random value for said identified communicating equipment, at least one approval device of said security server checking the integrity of said communicating equipment in order to verify if said communicating equipment has been corrupted using at least one integrity checking software executed on said transmitted data at the time of authentication and using random selection from a set of pairs of encryption keys for securing the decryption of said data, comparing the result of decrypting the data processed by said integrity checking software of said security server and executed by said communicating equipment with the result of encrypting the identity of said equipment in said security server, and in the case of identification, authentication and integrity checking results that are all positive and an identity result of said comparison, commanding at least one first management device installed in said terminal to set up secure data communication with said communicating equipment.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of communicating data securely between a terminal and at least one communicating equipment. The communicating equipment in communication with the terminal is identified by at least one first security device installed in the terminal to recognize the nature of the communicating equipment. The communicating equipment is authenticated by acquiring data processed by at least one security server so that it is executable only by the communications equipment. The integrity of the communicating equipment is checked by at least one approval device of the security server using the data transmitted at the time of the authentication, and, in the event of correct identification, authentication and integrity checking at least one management device installed in the terminal is commanded to set up secure data communication with the communicating equipment.

Citations

16 Claims

1. A method of communicating data securely between a terminal and at least one communicating equipment, which method comprises the steps of:
- setting up at least one connection via at least one connection network between said terminal and said communicating equipment, commanding at least one procedure for activation of said secure communication by at least one first security device installed in said terminal for assigning to management of the secure communication an identifier corresponding to said communicating equipment with which said communication has been set up, said identifier corresponding to said activation procedure, said first security device identifying said communicating equipment in order to recognize the nature of said communicating equipment and to render said communicating equipment compatible with said terminal with no adaptation of the configuration, authenticating said communicating equipment by acquiring data processed by at least one security server using at least one seal key and at least said identifier corresponding to said activation procedure in order to add a random value for said identified communicating equipment, at least one approval device of said security server checking the integrity of said communicating equipment in order to verify if said communicating equipment has been corrupted using at least one integrity checking software executed on said transmitted data at the time of authentication and using random selection from a set of pairs of encryption keys for securing the decryption of said data, comparing the result of decrypting the data processed by said integrity checking software of said security server and executed by said communicating equipment with the result of encrypting the identity of said equipment in said security server, and in the case of identification, authentication and integrity checking results that are all positive and an identity result of said comparison, commanding at least one first management device installed in said terminal to set up secure data communication with said communicating equipment.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. A secure data communications method according to claim 1, wherein, to prevent prediction of the result, the decryption of the data processed by said security server and executed by said communicating equipment depends on the integrity checking carried out by said approval device installed in said security server as a function of the configuration of said communicating equipment at a given time.
  - 3. A secure data communications method according to claim 1, wherein exchange of data between said terminal and said communicating equipment is managed and controlled by means of at least one first security device and at least one second security device installed in said terminal and said communicating equipment, respectively, to share security management of said communication that has been set up.
  - 4. A secure data communications method according to claim 1, wherein, to process the data before transmission and to validate a transmitted message, exchange of data between said terminal and said communicating equipment is secured by means of the condensate of at least one encryption key and at least said identifier corresponding to said activation procedure.
  - 5. A secure data communications method according to claim 1, wherein, to process the data before transmission and to validate a transmitted message, exchange of data between said terminal and said security server is secured by using the condensate of at least one encryption key and at least said identifier corresponding to said activation procedure.
  - 6. A secure data communications method according to claim 1, wherein, to increase the security of said set-up communication, the setting of at least one secure communications parameter is controlled by said first security device of terminal automatically, without intervention of a user of said terminal.
  - 7. A secure data communications method according to claim 1, wherein said terminal receives a message regarding the stopping of the setting up of said communication by said user interface in the event of failure of identification, authentication or integrity checking.
  - 8. A secure data communications method according to claim 1, wherein a plurality of communicating equipments simultaneously set up communication with said terminal via at least one connection network.
  - 9. A secure data communications method according to claim 1, wherein a plurality of communicating equipments communicate independently with said terminal via said connection network by virtue of the identification of an activation procedure for each of said communicating equipments communicating with said terminal.

10. A system for communicating data securely between a terminal and at least one communicating equipment, wherein, communication having been set up between said terminal and said communicating equipment, said system comprises:
- said terminal, at least one communicating equipment communicating with said terminal, and at least one security server including at least one approval device adapted to validate the identification, authentication and integrity checking of at least one communicating equipment to secure said communication that has been set up with at least one first security device installed in said terminal which is equipped with at least one first management device for managing said communicating equipment.
- View Dependent Claims (11, 12, 13, 14, 15, 16)
- - 11. A security server adapted to be used in a secure data communications system according to claim 10, wherein said server comprises at least one approval device adapted to validate the identification, authentication and integrity checking of at least one communicating equipment and means for sending and receiving data to be exchanged with said terminal.
  - 12. A security server according to claim 11, wherein said approval device is integrated into said terminal.
  - 13. A security server according to claim 11, wherein identification, authentication and integrity checking of said communicating equipment are effected by different and separate devices.
  - 14. A terminal adapted to be used in a secure data communications system according to claim 10, wherein said terminal comprises at least one first security device for receiving the identity of said communicating equipment and dialoguing with said security server, at least one user interface for accessing the resources of said terminal to inform a user of said terminal, at least one first management device for managing said terminal, and means for sending and receiving data.
  - 15. A communicating equipment including at least means for sending and receiving data to communicate with a terminal adapted to be used in a secure data communications system according to claim 10, wherein said communicating equipment comprises at least one second security device for identifying, authenticating and integrity checking said communicating equipment and at least one second management device for managing said terminal.
  - 16. A communicating equipment according to claim 15, wherein said second security device and said second management device of said communicating equipment prohibit any intervention on said communicating equipment by said user of said mobile terminal.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Orange France (Orange S.A.)
Original Assignee
Orange France (Orange S.A.)
Inventors
Annic, Etienne, Thorigne, Yves, Picquenot, David

Application Number

US11/020,850
Publication Number

US 20050188219A1
Time in Patent Office

Days
Field of Search
US Class Current

726/22
CPC Class Codes

H04L 41/00   Arrangements for maintenanc...

H04L 63/08   for authentication of entit...

H04L 63/12   Applying verification of th...

H04L 63/20   for managing network securi...

Method and a system for communication between a terminal and at least one communication equipment

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Method and a system for communication between a terminal and at least one communication equipment

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links